import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.util.List;

public class Admin extends User {
    public Admin(String id, String username, String password, String phone) {
        super(id, username, password, phone, "管理员");
    }

    @Override
    public boolean login(String password) {
        if (locked) {
            System.out.println("账户已锁定");
            return false;
        }
        if (this.password.equals(password)) {
            loginAttempts = 0;
            updateLoginAttempts(); // 更新数据库中的登录尝试次数
            return true;
        } else {
            loginAttempts++;
            if (loginAttempts >= 5) {
                locked = true;
                System.out.println("密码错误次数过多，账户已锁定");
            }
            updateLoginAttempts(); // 更新数据库中的登录尝试次数
            return false;
        }
    }

    // 更新登录尝试次数和锁定状态到数据库
    private void updateLoginAttempts() {
        String sql = "UPDATE users SET login_attempts = ?, locked = ? WHERE id = ?";
        try (Connection conn = DBUtil.getConnection();
             PreparedStatement pstmt = conn.prepareStatement(sql)) {
            pstmt.setInt(1, loginAttempts);
            pstmt.setBoolean(2, locked);
            pstmt.setString(3, id);
            pstmt.executeUpdate();
        } catch (SQLException e) {
            System.err.println("更新登录尝试次数失败: " + e.getMessage());
        }
    }

    public void resetPassword(User user) {
        // 重置密码为"123456"并加密
        String newPassword = MD5Util.encrypt("123456");
        user.password = newPassword;

        // 更新数据库
        String sql = "UPDATE users SET password = ? WHERE id = ?";
        try (Connection conn = DBUtil.getConnection();
             PreparedStatement pstmt = conn.prepareStatement(sql)) {
            pstmt.setString(1, newPassword);
            pstmt.setString(2, user.id);
            pstmt.executeUpdate();

            Log.record("重置密码", "重置用户[" + user.username + "]密码", this.username);
        } catch (SQLException e) {
            System.err.println("重置密码失败: " + e.getMessage());
            throw new RuntimeException("重置密码失败", e);
        }
    }

    public void addUser(User user) {
        String sql = "INSERT INTO users (id, username, password, phone, user_type, register_time, login_attempts, locked) " +
                "VALUES (?, ?, ?, ?, ?, ?, ?, ?)";
        try (Connection conn = DBUtil.getConnection();
             PreparedStatement pstmt = conn.prepareStatement(sql)) {
            pstmt.setString(1, user.id);
            pstmt.setString(2, user.username);
            pstmt.setString(3, user.password);
            pstmt.setString(4, user.phone);
            pstmt.setString(5, user.userType);
            pstmt.setTimestamp(6, new java.sql.Timestamp(user.registerTime.getTime()));
            pstmt.setInt(7, user.loginAttempts);
            pstmt.setBoolean(8, user.locked);

            pstmt.executeUpdate();
            Log.record("添加用户", "添加用户[" + user.username + "]", this.username);
        } catch (SQLException e) {
            System.err.println("添加用户失败: " + e.getMessage());
            throw new IllegalArgumentException("添加用户失败: " + e.getMessage());
        }
    }

    public void deleteUser(String userId) {
        if (userId.equals("admin001")) {
            throw new IllegalArgumentException("不能删除初始管理员账户");
        }

        // 先查询用户是否存在
        User user = UserDAO.getUserById(userId);
        if (user == null) {
            throw new IllegalArgumentException("用户不存在");
        }

        String sql = "DELETE FROM users WHERE id = ?";
        try (Connection conn = DBUtil.getConnection();
             PreparedStatement pstmt = conn.prepareStatement(sql)) {
            pstmt.setString(1, userId);
            pstmt.executeUpdate();

            Log.record("删除用户", "删除用户[" + user.username + "]", this.username);
        } catch (SQLException e) {
            System.err.println("删除用户失败: " + e.getMessage());
            throw new RuntimeException("删除用户失败", e);
        }
    }
}
